Job Title:  Lead Information Security Analyst

Nomura Overview:

Nomura is a financial services group with an integrated global network. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its four business divisions: Wealth Management, Investment Management, Wholesale (Global Markets and Investment Banking), and Banking. Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com.

Nomura Services, India supports the group’s global businesses. With world-class capabilities in trading support, research, information technology, financial control, operations, risk management and legal support, the firm plays a key role in facilitating the group’s global operations across four international regions.

At Nomura, creating an inclusive workplace is a priority. Our approach to inclusion encompasses a variety of initiatives, including sensitization campaigns, implementing conducive policies & programs, providing infrastructure support and engaging in community events. Over time, we have made meaningful progress in these areas, and this commitment has been well-recognized across the industry. We are proud recipients of the prestigious Top 10 Employers award by the India Workplace Equality Index (IWEI), IWEI Gold Employer of Choice awards, India CSR Leadership Award 2024 for Holistic Village Development Program and the YUVA Unstoppable Changemaker Awards.

What We Offer:

• We support employee wellbeing by ensuring a sense of purpose and belonging.
• We offer a comprehensive range of wellbeing services which allows employees to get access to the assistance they need at any point in their wellbeing journey.
• Our bespoke benefits support employees and their family’s holistic wellbeing and are inclusive of diverse identities and family structures.

Role & Responsibilities:

• Conduct comprehensive security architecture assessments for applications, systems, and infrastructure.
• Assessing compliance with solution architecture blueprints, patterns and reference architectures.
• Implement secure-by-design principles in solution architecture and development processes.
• Review and validate security controls in existing and proposed systems.
• Develop security architecture patterns, standards, and guidelines.
• Create detailed architecture diagrams and documentation using visualization tools.
• Collaborate with security engineering teams to integrate security requirements into the software development lifecycle.
• Perform security risk assessments and threat modelling exercises.
• Ensure compliance with industry standards and regulatory requirements.
• Document security architecture decisions and maintain architecture artifacts.
• Support audit activities and compliance reporting.
• Manage security architecture projects and initiatives using Jira for tracking and workflow management.
• Maintain comprehensive documentation in Confluence including security standards, procedures, and knowledge base articles.
• Create and maintain security architecture repositories and knowledge management systems.
• Work closely with cross-functional teams including DevOps, infrastructure, and application development.
• Provide security guidance and recommendations to stakeholders.
• Participate in architecture review boards and security committees

Mandatory Skill Set :

• BFSI Domain
• Investment Banking Domain
• Must have 9-10 years of hands-on experience in cybersecurity domain.
• Proven experience in security architecture assessments and secure-by-design implementations.
• Experience with enterprise security frameworks and methodologies.
• Deep understanding of security architecture principles and frameworks
• Proficiency in threat modeling methodologies (STRIDE, PASTA)
• Knowledge of security controls and standards (NIST, ISO 27001, CIS Controls)
• Experience with security assessment tools and techniques.
• Understanding of network security, application security, cloud security and data protection domains.
• Expertise in creating detailed architecture diagrams using visualizations, including network diagrams, system architecture, data flow diagrams, and security control mappings
• Strong documentation skills with experience in creating technical specifications, security procedures, and architectural decision records.

Desired Skill Set :

• CISSP (Certified Information Systems Security Professional) - Preferred
• CCSP (Certified Cloud Security Professional) - Preferred
• Additional relevant certifications (SABSA, TOGAF, AWS/Azure security certifications) – Advantage
• Experience working in agile environments with cross-functional teams.
• Proficiency in using Jira for project tracking, issue management, and agile workflows.
• Experience with Confluence for documentation, knowledge management, and collaborative content creation.
• Strong analytical and problem-solving abilities.
• Excellent written and verbal communication skills.
• Ability to work independently and manage multiple priorities.
• Strong attention to detail and quality-focused approach.

We are committed to providing equal opportunities throughout employment including in the recruitment, training and development of employees. We prohibit discrimination in the workplace whether on grounds of gender, marital or domestic partnership status, pregnancy, carer’s responsibilities, sexual orientation, gender identity, gender expression, race, color, national or ethnic origins, religious belief, disability or age.

*Applying for this role does not amount to a job offer or create an obligation on Nomura to provide a job offer. The expression "Nomura" refers to Nomura Services India Private Limited together with its affiliates.

*The benefits are subject to change and will be in accordance with Company’s policies as may be applicable from time to time).